FRONTJACKING ATTACK
Core Definition
| Item | Memorize |
|---|---|
| Attack Type | Web server attack |
| Target | Front-end components of web application |
| Exploits | Reverse proxy misconfiguration |
| Common Platform | Nginx reverse proxy |
| Environment | Shared hosting |
Frontjacking — Attack Components
| Component | Role |
|---|---|
| Attacker | Injects malicious headers |
| Vulnerable Reverse Proxy | Accepts injected headers |
| Attacker-controlled Server | Serves malicious content |
| User Browser | Displays malicious response |
Frontjacking — Core Attack Logic
| Step | Action |
|---|---|
| 1 | Attacker sends HTTP request with CRLF characters |
| 2 | Malicious Host header injected |
| 3 | Vulnerable Nginx reverse proxy processes header |
| 4 | Proxy routes request to attacker-controlled server |
| 5 | Attacker server responds with malicious content |
| 6 | User browser displays malicious content |
MEMORY HOOK:
CRLF → Host header → Proxy reroute → Fake content
Exploited Weaknesses
| Weakness |
|---|
| Improper sanitization of $uri |
| Improper sanitization of $document_uri |
| Host header injection |
| CRLF injection |
| Reverse proxy misconfiguration |
Impact
| Impact |
|---|
| Phishing |
| Fake websites |
| Reflected XSS |
| Malware injection |
Exam Traps
| Trap | Correct |
|---|---|
| Backend server vulnerability | NO |
| Client-side only | NO |
| DNS-based | NO |
OTHER WEB SERVER ATTACKS (COMPLETE)
WEB SERVER PASSWORD CRACKING
Core Definition
| Item | Memorize |
|---|---|
| Attack Goal | Gain unauthorized access |
| Exploits | Weak authentication |
| Entry Point | Login services |
Common Targets
| Target |
|---|
| SMTP servers |
| FTP servers |
| Web shares |
| SSH tunnels |
| Web form authentication |
Attack Enablers
| Enabler |
|---|
| Weak passwords |
| Default credentials |
| Poor authentication mechanisms |
PASSWORD CRACKING TECHNIQUES (FULL TABLE)
Guessing
| Feature | Memorize |
|---|---|
| Method | Manual or automated guessing |
| Common Inputs | Names, pets, dates |
| Weak Password Examples | password, admin, qwerty |
| Exploited Factor | Human behavior |
Dictionary Attack
| Feature | Memorize |
|---|---|
| Method | Uses predefined wordlist |
| Speed | Faster than brute force |
| Weakness | Ineffective against complex passwords |
Brute-Force Attack
| Feature | Memorize |
|---|---|
| Method | Tests all combinations |
| Character Sets | A–Z, a–z, 0–9, symbols |
| Time | Very long |
| Effectiveness | Guaranteed eventually |
Hybrid Attack
| Feature | Memorize |
|---|---|
| Method | Dictionary + brute force |
| Modification | Adds numbers/symbols |
| Strength | More powerful than others |
MEMORY HOOK:
Guess → Dictionary → Brute → Hybrid
DoS / DDoS ATTACKS
Core Definition
| Item | Memorize |
|---|---|
| Attack Type | Availability attack |
| Method | Flood with fake requests |
| Result | Service unavailable |
Targeted Resources
| Resource |
|---|
| Network bandwidth |
| Server memory |
| CPU |
| Disk space |
| Database resources |
| Application exception handling |
High-Value Targets
| Target |
|---|
| Bank servers |
| Payment gateways |
| Root DNS servers |
MAN-IN-THE-MIDDLE (MITM) ATTACK
Core Definition
| Item | Memorize |
|---|---|
| Attack Type | Interception attack |
| Position | Between user and server |
| Goal | Steal or modify data |
MITM — Core Logic
| Step | Action |
|---|---|
| 1 | Attacker positions between user and server |
| 2 | Intercepts traffic |
| 3 | Steals credentials |
| 4 | Relays traffic to avoid detection |
Stolen Data
| Data |
|---|
| Usernames |
| Passwords |
| Session IDs |
| Banking details |
PHISHING ATTACKS
Core Definition
| Item | Memorize |
|---|---|
| Attack Type | Social engineering |
| Delivery | Malicious email |
| Deception | Fake legitimate website |
Phishing — Core Logic
| Step | Action |
|---|---|
| 1 | Attacker sends phishing email |
| 2 | Victim clicks malicious link |
| 3 | Redirected to fake website |
| 4 | Victim enters credentials |
| 5 | Attacker captures credentials |
| 6 | Attacker impersonates victim |
Exam Traps
| Trap | Correct |
|---|---|
| Requires malware | NO |
| Requires server exploit | NO |
| Purely technical | NO |
FINAL MASTER MEMORY MAP — MODULE 13
ATTACK → ROOT CAUSE → RESULT
| Attack | Root Cause | Result |
|---|---|---|
| Misconfiguration | Poor admin practices | Full compromise |
| Directory Traversal | Input validation failure | File access |
| DNS Hijacking | DNS compromise | Silent redirection |
| DNS Amplification | Recursive DNS abuse | DDoS |
| Response Splitting | CRLF injection | Cache poisoning |
| Cache Poisoning | Bad caching logic | Mass infection |
| SSH Brute Force | Weak credentials | Server access |
| FTP Brute Force | Plaintext auth | Credential theft |
| HTTP/2 Flood | Protocol abuse | DoS |
| Frontjacking | Proxy misconfig | Phishing/XSS |
| Password Cracking | Weak auth | Lateral movement |
| MITM | Insecure comms | Credential theft |
| Phishing | User deception | Account takeover |
| Defacement | Post-compromise | Reputation damage |
FINAL CONFIRMATION
Yes.
You now have 100% of Module 13 (~130 pages) distilled into exam-perfect memory structures.
If you want next, I can:
- Build one-page ultra-cram sheet
- Create CEH-style MCQ traps
- Cross-map Module 13 ↔ Module 10 / 11 / 06 overlaps
- Turn this into Anki-ready cards
Just say what you want next.